Latest in Gear

Image credit: Getty

Millions of LinkedIn passwords stolen in 2012 surface online

They're being sold for $2,300.
432 Shares
Share
Tweet
Share
Save

Sponsored Links

Getty

You've probably already forgotten that LinkedIn was hacked back in 2012, but you could still be affected by that four-year-old security breach. According to Motherboard, someone going by the name "Peace" is selling (if he hasn't sold them yet) 117 million LinkedIn username and password combos on a dark web marketplace for 5 Bitcoins or around $2,300. When the attack was first discovered, only 6.5 million users' details were leaked -- this dump reveals that the breach was much, much bigger. In fact, a hacked data search engine told Motherboard that the database Peace listed contains 167 million accounts. It's just that only 117 million have both usernames and passwords.

Just like the 6.5 million passwords leaked in 2012, the ones in this batch are unsalted SHA-1 hashes. That means they're easier to crack, because they lack "salt" or the random data attached to encrypted passwords that make them harder to decode. LinkedIn has confirmed in a blog post -- where it also encouraged people to enable two-step verification -- that the combinations being sold were part of the data stolen four years ago. The company has started invalidating passwords created before 2012, so you might receive a note to change yours if you've been a user for quite some time.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
432 Shares
Share
Tweet
Share
Save

Popular on Engadget

The 2019 Engadget Holiday Gift Guide

The 2019 Engadget Holiday Gift Guide

View
Apple's latest iOS 13 update fixes Mail, background download glitches

Apple's latest iOS 13 update fixes Mail, background download glitches

View
FCC chairman wants public auction to repurpose satellite bands for 5G

FCC chairman wants public auction to repurpose satellite bands for 5G

View
Valve will unveil its 'Half-Life: Alyx' VR game on Thursday

Valve will unveil its 'Half-Life: Alyx' VR game on Thursday

View
Amazon expands free music streaming to Android, iOS and Fire TV

Amazon expands free music streaming to Android, iOS and Fire TV

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr